This section provides background information related to the present disclosure which is not necessarily prior art.
1. Technical Field
Method for authenticating components of a self-service automat, wherein the components possess unambiguous identification information that can be exchanged among the components.
2. Discussion
Self-service automats often have a series of components that must be connected to one another. Normally, these automats have a standardized PC platform that meets special security requirements. Keypads, cash payment units (bank note separation module), card readers, monitors and other devices are connected to this PC platform (motherboard), for example by way of USB interfaces. It must also be taken into account that money cassettes inserted into automated teller machines (ATM) must be authenticated, or the ATM must authenticate itself to the cassette so that said cassette activates its operational functions.
Furthermore, these automats can be connected to another computer so that a maintenance technician, for example, can connect to the self-service automat using his laptop.
In the preferred embodiment, USB or other serial (V24) connections are used to connect the devices to each other.
There are instances in which a security-related component in a self-service automat, identified in what follows as an automated teller machine, is to be replaced. One such component could be a hardware module, such as a money cassette, or a software component, such as a firmware update, or peripheral devices as described above. It is critical in this process that the automated teller machine (PC) authenticate itself to the new component, or that the automated teller machine can check the authenticity of the component. The new component will perform its tasks only after successful authentication.
The following classic approaches for authentication are found in this scenario:
1) The component and the automated teller machine have a common confidential key. In this case, key administration is either very complex, or the same key is used for a plurality of automated teller machines.
2) The component itself is signed by a CA (certificate authority) or possesses information that allows it to check digital signatures or certificates. In this instance also, a classic PKI (public key infrastructure) must be administered.
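The first approach can be sketched as a mutual challenge-response over the common confidential key, with the cassette keeping its functions locked until the ATM has proven itself. This is an added example, not part of the original disclosure; the class and function names are hypothetical, and HMAC-SHA256 is an assumed primitive that the text does not name.

```python
import hashlib
import hmac
import secrets

def respond(key: bytes, role: bytes, challenge: bytes) -> bytes:
    # The role label keeps one side's answer from being reflected back as the other's.
    return hmac.new(key, role + b"|" + challenge, hashlib.sha256).digest()

class Cassette:  # hypothetical model of the component
    def __init__(self, key: bytes):
        self.key = key
        self.nonce = None
        self.operational = False  # functions stay locked until the ATM authenticates

    def challenge(self) -> bytes:
        self.nonce = secrets.token_bytes(16)
        return self.nonce

    def answer(self, atm_challenge: bytes) -> bytes:
        return respond(self.key, b"cassette", atm_challenge)

    def unlock(self, atm_response: bytes) -> bool:
        nonce, self.nonce = self.nonce, None  # each challenge is single-use
        ok = nonce is not None and hmac.compare_digest(
            atm_response, respond(self.key, b"atm", nonce))
        self.operational = ok
        return ok

class ATM:  # hypothetical model of the PC platform
    def __init__(self, key: bytes):
        self.key = key

    def mutual_auth(self, cassette: Cassette) -> bool:
        nonce = secrets.token_bytes(16)
        expected = respond(self.key, b"cassette", nonce)
        if not hmac.compare_digest(cassette.answer(nonce), expected):
            return False  # cassette does not hold this ATM's key
        return cassette.unlock(respond(self.key, b"atm", cassette.challenge()))

def demo() -> dict:
    fleet = secrets.token_bytes(32)  # constructed sample keys
    key_a, key_b = secrets.token_bytes(32), secrets.token_bytes(32)
    return {
        "fleet key, ATM 1": ATM(fleet).mutual_auth(Cassette(fleet)),
        "fleet key, ATM 2": ATM(fleet).mutual_auth(Cassette(fleet)),
        "per-ATM key, own ATM": ATM(key_a).mutual_auth(Cassette(key_a)),
        "per-ATM key, other ATM": ATM(key_b).mutual_auth(Cassette(key_a)),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'authenticated' if ok else 'rejected'}")
```

The last two cases show the trade-off named in approach 1: a single fleet-wide key works at every ATM, while per-ATM keys bind a component to one machine and so require a key to be provisioned for each pairing.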